Resources Home / Email Certification Basics

Email Certification Basics

Making sense of all the options and vendors

If you send lots of email marketing (not the relationship newsletter kind, but the kind that sells stuff and contributes to your bottom line), you probably can't afford to lose about 10-15% of your emails in cyberspace. But that's what happens nowadays, thanks to all the aggressive spam filters and email firewalls being used by ISPs and corporations (see this ReturnPath study).

By now, you should know that you need to avoid using spammy words and phrases in your emails (like "FREE" and "CLICK NOW!") so as not to get trapped by the content-based spam filters. Problem is, content-based spam filters are getting easier and easier to trick (just take a look at all the embedded-image-spam in your inbox). Spammers seem to be adapting just as fast as the spam filters.

We predict that very soon, more and more ISPs will increasingly rely on email certification in conjunction with all their other spam-fighting tactics. How soon? We don't know, but it's time for email marketers to start researching…

How Does Certification Work?

Basically, you pay a bond. How much you pay depends on your email volume. If you send bazillions of emails, your bond will be higher. Then, if you get a spam complaint, they withdraw a little fee from that bond (like $20). The idea is that only legitimate email marketers can really afford to do this, and that paying a penalty for every complaint will keep marketers in line. It sounds controversial to some, but so did paying for search engine placement a while back. It really is shocking at first, but if you're sending permission-based emails, there's not much to worry about (except that the bond usually expires and you have to pay again every year).

What are the benefits of email certification, and who should you choose?
The major email certification providers claim you'll get improved email deliverability to your recipients. Before we get into that, we've noticed a lot of people don't really understand the word "deliverability." It is kind of confusing, so we'll explain that first…

First, What is Email Deliverability?

Let's say you sent your email campaign through i-Emailer to 5000 recipients, and 5% bounced. That is NOT a 95% "deliverability" rate. Our server only knows that "We delivered your campaign, and 5% of the list bounced. The servers of the other 95% accepted the message."

But whether or not those servers actually allowed the message to proceed to your recipients' inboxes is a different matter. They might have accepted the message from us, then analyzed its content, and thought it was too spammy to pass on to your recipient. And even if they did pass it on to the recipient, he might be using his own spam filter on his computer, which might throw away your message by accident too.

Measuring your deliverability is measuring how likely your message will make it past the spam filters, firewalls, blacklists, and everything else that could potentially block your message.

The only way to properly measure your actual deliverability is to signup for as many different ISP email accounts as you can, leave their spam settings on "default" and test yourself. Or, sign up for a deliverability monitoring service that essentially does all that work for you. You'd basically send them one copy of your email, then they'd forward it on to hundreds of ISP accounts they've setup, and they'll provide you with a handy report on your campaign's deliverability.  Here is a review, and a screenshot from an actual deliverability report from one of the vendors. is a nice, affordable one (and they'll give i-Emailer customers a discount if you use the "MAILCHIMP" promo code when you sign up). ReturnPath and PivotalVeracity also have deliverability monitoring services. Incidentally, those very same vendors who measure your deliverability also offer certification services.

How Certification Helps Deliverability

Okay, so now we know that if we pay for certification, it can help us with deliverability. But how? In a nutshell, ISPs and corporate servers out there give preferential treatment to messages that are "certified." If you dig deeper into the world of email certification, you'll find that certification vendors are hesitant to come right out and say that. And while ISPs recommend and acknowledge the benefit of email certification, they insist it's not a "you can do whatever you want" pass for spammers. Whatever the case, certification vendors list these advantages to their services (they vary by provider):

  • Spam filters will be a little more lenient to your messages
  • ISP servers won't "throttle" emails from your server as much (some of them think that if you send a ton of email all at once, it must be spam, so they "throttle" you).
  • Instead of blocking all images by default, your images will be "always on"
  • Some email programs block links from working in your email, to protect their users from scams. Certification will turn that blocking off.
  • Some ISPs use little visual icons marketing email as "suspicious" or "not suspicious" or "trusted"

How Can I Get Certified?

Most certification vendors have a pretty lengthy process to get certified (Note: SuretyMail seems to bypass all this). Here are the usual requirements:

  • First, you'll need to have sent a few campaigns already, so they can analyze your list collection practices. Some say several campaigns, some say a couple years of campaigns. Some won't even talk to you unless you're a very well-recognized brand name.
  • They'll be looking for stuff like this in your campaign stats:
    • A low bounce rate
    • A low opt-out rate
    • An extremely low complaint rate
  • You'll most likely need to be sending email from a dedicated IP address, or at least from a very small range of dedicated IP addresses. Your email service provider (ESP) should be able to help you with that (i-Emailer has its "Pro" add-on). It's usually a little extra money to get a dedicated IP address, because ESPs normally send email across a wide band of IP addresses to avoid blocking and throttling issues.
  • They'll be expecting your emails to be authenticated. Usually SPF or SenderID at the very least, sometimes DKIM as well. If you don't know what authentication is, it's basically a way to setup your email delivery server, so that receiving servers can verify whether or not a message that claims to be from you truly did come from your server. Again, your ESP should be able to help you with this, and again, expect some setup cost.
  • They'll want to see your privacy policy somewhere. If you haven't written one yet, go to the DMA website. They've got a nice Privacy Policy generator you can use (Google the phrase, "DMA Privacy Policy Generator")
  • Your server will need to be properly configured (no open relays, which is pretty much a no-brainer these days)
  • You will need a proper list management system in place that cleans bounces, and handles unsubscribes. i-Emailer's double opt-in system would qualify.
  • You would always need to include an unsubscribe link in all your messages (again, a no-brainer)
  • You would need to be able to provide verification of opt-in for your recipients. This might involve having optin IP, Date and Timestamps for every member, or a scanned in business card, order receipts, or if you have cards they fill out in your store, you'll need to keep copies of them.

How Much They Cost

Pricing is, as expected, not very transparent right now. You'll need to contact each vendor for details. Often, your ESP might be a reseller, and can offer a price list as well. Some quick Googling suggests that you can expect to pay a small setup and/or non-refundable application fee (around $100), an annual license based on your email volume (several hundred dollars to several thousands), then a per-complaint fee of around $20 or so.

How Do I Pick A Vendor?

It's difficult to find guidelines on how to choose your certification vendor. Maybe it's because the whole idea of paying to send email, or paying to "bypass spam filters" seems a little controversial to some. Maybe it's all still too new, so there just isn't enough research yet.

So we consulted with email marketing expert Mark Brownlow from (bookmark that website!), who offers the following very good points:

"To understand the value of getting your emails certified, you need to know the following for each certification program:

  • The cost of certification, both in terms of what you pay the certifying agency, and the cost of any changes you might have to make to comply with their requirements
  • Your current rate of delivery with those ISPs that use the certification program (measure your deliverability, so you can tell how much those ISPs are blocking you in the first place)
  • The value of each additional delivered email (as a result of your certification)

To paraphrase, before you pay for certification, try to figure out how badly you really need it by measuring your deliverability first. Then, if certification improves your deliverability by, say, 25% for certain ISPs, how much would that add to your bottom line? Chances are, if you're just sending a monthly or quarterly newsletter, you won't see much of an ROI. But if you're a big retailer and you send millions of emails, every successful delivery may contribute to your bottom line.

Which ISPs and Spam Filters Accept Which Certification Programs?

Without any clear research on how to select a vendor, we can honestly only guess that the best vendor to choose would be the one accepted and used by the most ISPs. Of course, different lists are composed of recipients from different ISPs. If you send B2B emails, Goodmail certification might not be as important as Habeas or SuretyMail, who are accepted by corporate servers, spam filters, and email firewalls. But if you send to a lot of consumers who check their email at home, you'd probably steer more towards Goodmail and SenderScore Certifed.  We searched the different vendors' websites, and here's what we found:


Habeas has been around the longest it seems, and they're apparently used by the most servers. They say they receive over 600 million requests a day from over four million messaging systems worldwide. ISPs that use their "Habeas Safelist" include AOL, Earthlink, Google, and MSN, plus a bunch of corporate servers, like at Cosco, Ford, Kodak and Sony.

From their website:

"Habeas Solutions for senders include best practices certification, Internet whitelisting, and email monitoring services that improve delivery to over four million email servers at major Fortune 1000 companies and leading ISPs. Habeas Solutions for receivers include SenderIndex, the industry's leading email reputation database that helps reduce inbound email handling costs and ensures end users receive the email they need."

SenderScore Certified

SenderScore Certified (this was once IronPort's "Bonded Sender program," est. in 2002, until ReturnPath bought them) is used by Hotmail, MSN, Road Runner, and in "more than 250 million email boxes." Personally, I've read a few articles from people at Microsoft, where they recommended that email marketers sign up for SenderScore. Maybe there's something going on between those two, or maybe I'm just too much of a conspiracy theorist. If you have lots of MSN/Hotmail recipients on your list, SenderScore may be worth looking into. SenderScore also offers a suite of deliverability services. Full disclosure: i-Emailer uses some of their services for our Inbox Inspector, and we happen to think these guys have excellent customer service.

From their website:

"Sender Score Certified is the leading third-party email certification program. By joining Sender Score Certified, senders improve deliverability rates and differentiate their brand. ISP's and other email receivers benefit by avoiding the risk of inadvertently deleting email their users want and by reducing the costs of managing a "whitelist" of senders."


Goodmail made a big splash when they partnered with AOL, who announced they were doing away with their whitelist service, and replacing it with Goodmail. Techies and email marketers all over raised heck. The controversy seems to have died down a little. So far, it appears that Goodmail has partnered with AOL and Yahoo. The main advantage to Goodmail is that emails sent to AOL would never have your images blocked, and your message would be tagged with a little "goodmail" icon.

From their website:

"Every message sent through the Goodmail CertifiedEmail service is embedded with a cryptographically-secure token.  Goodmail tokens are detected by participating mailbox providers so the messages can be delivered to recipients' inboxes--not junk or bulk folders. The messages are identified with the CertifiedEmail trust icon--a mark that indicates the message is from a known and trusted sender and can be opened with greater confidence."


SuretyMail is run by the Institute for Spam and Internet Public Policy.  They claim to be the most affordable, and seem to take a very direct, scientific/neutral approach to things ("We just help you get delivered, no extra fluff, like delivery monitoring"). And unlike the other vendors, SuretyMail lists their prices upfront, and do not charge based on the volume of emails you send. After AOL went through all the Goodmail controversy of having to "pay to get delivered," they teamed up with SuretyMail to provide free whitelisting for approved non-profits. Some big ISPs and Spam Filters that use SuretyMail include: Sprint, SBC, SpamAssassin, SpamCop, GoDaddy, Outblaze, and Postini.

From their website:

"ISIPP doesn't require you to go through an audit, to sign a multi-paged contract, or to make a time commitment - something that the other services do (we also offer a money-back guarantee, something that the other services don't do). We're also a lot less expensive. In fact, we are so much less expensive that sometimes people are confused by the difference! The reason that we can charge so much less for a comparable (we would say superior!) service is that we only do one thing, and we do it very well. We help get your email delivered."

If you can live with about 10-15% of your emails just being lost in cyberspace, you probably don't need certification. But if every email you send contributes to your company's bottom line, it may be worth researching certification programs now. We think that soon, the resistance to "pay to email" will wear off, and marketers and ISPs and spam filters will embrace the concept.

See Also:

Free Email Marketing Tips/Tricks

Sign up for the MonkeyWrench email marketing newsletter. Every month, you'll get free email marketing news, tips, tricks, and advice. See past issues

Email Address:
We respect your privacy.
First Name:
Last Name:

inbox inspector
Will your campaign make it past the spam filters? Check your spam score with i-Emailer's Inbox Inspector tool.
Find out more...

inbox inspector
Do you know if your email's rendering correctly in all the different email programs? i-Emailer's Inbox Inspector generates screenshots of your campaign in 16 different email programs. With one click.
Find out more...